JTeel
join:2002-11-26
Brookston, IN
| Firewall On Basic Install From Insight?
Is Insight responsible for setting up firewall protection for their customers or is that for the customer to handle. I have a family member that is using Insight and was just wondering how that worked. I see that they have some options under PC Security Center for different types of services but is there anything that comes with just the monthly fee for Internet access by it's self?
Thanks |
|
qos1
join:2003-09-19
Beverly Hills, CA
| XP has that built in..you just need to enable it...there are also many free products out there (google em) if you dont have XP but I wouldnt pay a dime to insight for any of the software they try and peddle on their site esp when there are good free alternatives. |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
3 edits | reply to JTeel
If you read their HELP information on their site. It clearly states that securing your machine is up to you. They do make some suggestions and offer some very good details on the subject on their site. You can get the free version of ZoneAlarm here »besafe.iggyz.com The »Security forum on this site is another very worthwhile place to have a look in regards to basic security setup.
The XP firewall will work to prevent inbound attacks. But honestly is a bit to basic and not user friendly. It also lacks outbound protection which is just as important as inbound.
It does seem that Insight now offers an option to buy a security option from them.
»www.insightbb.com/pcsecurity/
I'll have to take a look at who they are using for this etc. More details here »help.insightbb.com/security/
Looks like an F-Secure package. They could have picked a worse vendor to partner with. F-Secure isn't bad. Guess the easy to use ZoneAlarm Security Suite didn't appeal to Insight - to bad.
--
Test Your Security
Benefit for Children's Cancer
Cable Diagnostics
My Blog |
|
JTeel
join:2002-11-26
Brookston, IN
| reply to JTeel
Thanks to all for the replies and "Insight"...just had to throw that in there. I have not researched Insight much since I already have my own broadband service and I know that all of the providers have their own way of doing things. The person that has the InsightBB service has WinME so most likely he has no firewall protection if Insight is not responsible for that. He is not a computer person so I'm thinking he just has the Insight Internet access and that's it! I will have to talk with him about that and look at his system to see what is there.
Thanks Again
Jeff |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
| Well running any connection - especially a broadband one without a firewall or router in play - preferable both if you own a router or just the software firewall if no router in play - is just asking for a not so fun surprise such as a worm. Or the chance to become a fun spam zombie and get kicked off the network.
Definitely have a chat and find out what is what.
--
Test Your Security Benefit for Children's Cancer Cable Diagnostics My Blog |
|
JTeel
join:2002-11-26
Brookston, IN
| You would think that any broadband provider would take at least some steps to secure the PC since it will be their bandwidth that would be used if a customers systems gets infected! I know that they want to make their service look competitive with other providers but like the with minimum system requirements you would think that they would require minimum security requirements before an install of the service (such as like you said...have at least a software firewall on the PC).
Ohhh well. That's just my humble opinion! |
|
robbym627
Premium
join:2003-09-14
Springfield, IL | reply to JTeel
I recommend using an old pc and a copy of ipcop or smoothwall or even monowall. |
|
SauceMaster
join:2004-08-01
Kokomo, IN
 ·Comcast
 ·AT&T Midwest
| reply to JTeel
no thanks I don't want Insight putting any crappy wares on my pc , I'll take care of it and it shouldn't be there job to do it.
--
Broadcasting The Classic Hits 24/7 SauceMaster Radio!!!! |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
1 edit | reply to robbym627
Ok we are going to have to go there aren't we? How do you expect your average user to have an clue how to set that up? Yes for the true geek this might be a fun project. It might even offer a good amount of security. But your average user is not going to be able to go setup a Linux solution for security. Even if someone sets this up for them. It's not going to be an easy to manage solution. And honestly for the average user their is no need to go this extreme. An easier - somewhat more user friendly option - would be to go with a router. But this has drawbacks as was mentioned above.
I'm sorry but this type of post drives me ape ----!! You see this type of crap in the security forum all the time. Oh your having issues with your software firewall - go get Kerio or Smoothwall. Oh that is just smart isn't it? A user who can't understand Norton, Mcafee, Sygate or ZoneLabs ZoneAlarm is definitely going to have the brains and patiences to figure a Kerio or Smoothwall solution.
Come on - lets keep it real. And offer true easy to use solutions. A misconfigured Smoothwall or Kerio software firewall is just as bad as no protection at all. And can leave a user open to infection. In the end offering up this type of solution does nothing to actually get a user secure. If you would like to debate the security of a software versus hardware solution we can go there as well.
Because Linux, MAC OS X, Firefox and routers have all had their share of security issues - presently and in the past.
I was planning on do an article close to this subject today in my blog. Do to a recent thread in the security forum. This will just add fire to that.
It's great that the forum has a bunch of Linux geeks. But keep in mind - Linux is not a user friendly solution. Your average user isn't going to want to take the time to learn or setup Smoothwall. And honestly most families don't have an extra not being used box lying around the house anyway. I think someone needs to spend less time with networks and keep a closer eye on reality.
Is Smoothwall an option - yes. Would it be an interesting geek project - maybe for some. But your average user in this forum isn't honestly ( in most cases ) come near to fitting that profile. And offering up such a solution as a security option - truly does them no favors. Unless you like dealing with worm, trojan and spam zombie infections. Which add nothing but headaches to the network. So I guess maybe Smoothwall is being offered as a solution to help with job security maybe.:)
--
Test Your Security
Benefit for Children's Cancer
Cable Diagnostics
My Blog |
|
SauceMaster
join:2004-08-01
Kokomo, IN
·Comcast
·AT&T Midwest
| reply to JTeel
Hey I didn't ask for a rant , insight provides some info on things , infact I don't even have the insight software installed on my pc.
You expect the techs to know how to setup a firewall properlly ? when I first had @home which was insight the tech fubared my PC and my network , never again will I let one touch my pc.
It's my Job to secure my PC not there's , you can moan all you like , but it's not there job to secure your pc.
--
Broadcasting The Classic Hits 24/7 SauceMaster Radio!!!! |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
1 edit | I will agree that it is Insights job to keep their network secure. And it is up to the customer to do so with their home machine. That is covered in the TOS ( terms of service ) and on the Insight website. I have no problem with ISP's who wish to try and help out in regards to that process. I think users will find it more useful. If they handle things themselves.
--
Test Your Security
Benefit for Children's Cancer
Cable Diagnostics
My Blog |
|
robbym627
Premium
join:2003-09-14
Springfield, IL
 ·surpasshosting
·Comcast
| reply to JTeel
I had no issues setting up Smoothwall, Ipcop, or any other security solution. I have also had other people set it up wit no issue that can hardly turn a computer on. If you can read you can set it up. That is what all of the documentation is for. Any suggestion is a good suggestion. Last time I checked I was free to say what I wanted here. Until you moderate this forum back off. |
|
JTeel
join:2002-11-26
Brookston, IN
| reply to JTeel
I wasn't intending to start a war over what the best PC security was for broadband connections. I just wanted to know if Insightbb did anything at the client side for security. That was answered by IGGY in the second response to my original post. We could debate for days on what would be the best for securing our LAN but it was stated very accurately by IGGY for this case that the user just does not know enough about computers to manage the security of a broadband connection. And I'm sure there are many other users out there that are in the same class.
As far as Insight having help about securing your own system after the service is installed I found that only after the link was posted here in this form. I looked at lots of pages on their web and didn't find anything. As a web designer it seemed kind of buried in a hard-to-find place.
At any rate this has been an interesting discussion and I have enjoyed reading each poster's passionate view.
Thanks |
|
BeesTea
Network Janitor
Premium,VIP
join:2003-03-08
00000
| reply to IGGY
said by IGGY  :
Ok we are going to have to go there aren't we? How do you expect your average user to have an clue how to set that up? Yes for the true geek this might be a fun project. It might even offer a good amount of security. But your average user is not going to be able to go setup a Linux solution for security. Even if someone sets this up for them. It's not going to be an easy to manage solution. And honestly for the average user their is no need to go this extreme. An easier - somewhat more user friendly option - would be to go with a router. But this has drawbacks as was mentioned above.
It's fairly obvious that you've not recently, or ever, set one of these systems up. It's literally as easy as booting a CD and configuring the device just as if it were a linksys router. The advantages are that it runs no external services (no entry point), is stateful, very well documented, and upgrades don't require flashing firmware or any other silliness as the user can simply burn a new CD and be done with it.
The configuration process for smoothwall, clark connect, or monowall is extremely simple and in most cases has a simple http based "wizard".
quote:
I'm sorry but this type of post drives me ape ----!! You see this type of crap in the security forum all the time. Oh your having issues with your software firewall - go get Kerio or Smoothwall. Oh that is just smart isn't it? A user who can't understand Norton, Mcafee, Sygate or ZoneLabs ZoneAlarm is definitely going to have the brains and patiences to figure a Kerio or Smoothwall solution.
Kerio is a software firewall. No different than any of the others mentioned.
quote:
Come on - lets keep it real. And offer true easy to use solutions. A mis-configured Smoothwall or Kerio software firewall is just as bad as no protection at all. And can leave a user open to infection. In the end offering up this type of solution does nothing to actually get a user secure. If you would like to debate the security of a software versus hardware solution we can go there as well.
A mis-configured anything is bad. Using some pointy clicky end point solution offers no assurance that anything was done correctly, nor does it ensure that the user "gets it". As robbym627 pointed out, all kinds of people can read. I'll also gladly debate the value of a hardware based network security solution vs a software one. Security is what I do for a living.
quote:
Because Linux, MAC OS X, Firefox and routers have all had their share of security issues - presently and in the past.
There's been a single vulnerability that could affect a Linux based router in the last 2 years. That vulnerability would result in a denial of service and not a system compromise. That's just Linux alone. The Microsoft security record is not some kind of conspiracy, it really is that bad, and has been for years. The BSD, Linux, whatever, security record may not be perfect, however it is literally orders of magnitude better than win32. It will continue to be that way, for the foreseeable future, simply because these systems generally run no services out of the box, and the OS design operates on the concept of least privilege. It's the truth, and there's no amount of fist waving that can change that.
quote:
I was planning on do an article close to this subject today in my blog. Do to a recent thread in the security forum. This will just add fire to that.
It's great that the forum has a bunch of Linux geeks. But keep in mind - Linux is not a user friendly solution. Your average user isn't going to want to take the time to learn or setup Smoothwall. And honestly most families don't have an extra not being used box lying around the house anyway. I think someone needs to spend less time with networks and keep a closer eye on reality.
The reality is that it's not complicated. People are not born knowing how to use Windows, Mac OS, or anything else. They learn how to do it. While I'll admit UNIX and UNIX-like OS's are not quite ready for the desktop, they certainly ar eready as a network appliance. If Linksys can sell Linux based routers to the unwashed masses, then certainly the same unwashed masses can use it without the Linksys hardware.
quote:
Is Smoothwall an option - yes. Would it be an interesting geek project - maybe for some. But your average user in this forum isn't honestly ( in most cases ) come near to fitting that profile. And offering up such a solution as a security option - truly does them no favors. Unless you like dealing with worm, trojan and spam zombie infections. Which add nothing but headaches to the network. So I guess maybe Smoothwall is being offered as a solution to help with job security maybe.:)
Showing people all their available options is hardly a bad thing. If they can't, or don't want to, mess with booting a non win32 packet filter then that's fine. If they do, at least they'll know what some of the options are.
As for worms as a result of using a Linux firewall ?? Frankly that's silly. There is no increased chance of mis-configuring this device than there is for any other. Just because you don't like the solution, doesn't mean it's not a good one. If Linksys can use it for this purpose, I think that says something about it's usefulness in this role.
My opinion for Insights role in securing the network is pretty simple. Block the most exploited service ports on the network (tcp,udp 137-139, 445 there are a few more, but this is a good start). I help manage and secure a network more than twice the size of Insight's and we made the network policies a reality years ago. I look forward to the day they block outbound 25 to anywhere but their relays and require authenticated TLS based SMTP as well.
Cheers,
-BeesT
--
echo 16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D4D465452snlb xq |dc |
|
